Microsoft Patches 137 CVEs in July, but No Zero-Days

Some 17 of the bugs are at high risk for exploits, including multiple remote code execution bugs in Office and SharePoint.

July 9, 2025 Signup

Daily Edition

Today’s news and insights for cybersecurity professionals

- Today's News and Features -

TOP STORY

Microsoft Patches 137 CVEs in July, but No Zero-Days‎‎ Some 17 of the bugs are at high risk for exploits, including multiple remote code execution bugs in Office and SharePoint.‎‎ Keep Reading →

Malicious Open Source Packages Spike 188% YoY‎‎ Data exfiltration was the most common malware in Sonatype report, with more than 4,400 packages designed to steal secrets, personally identifiable information, credentials, and API tokens.‎‎

Hackers 'Shellter' Various Stealers in Red-Team Tool to Evade Detection‎‎ Researchers have uncovered multiple campaigns spreading Lumma, Arechclient2, and Rhadamanthys malware by leveraging key features of the AV/EDR evasion framework.‎‎

Suspected Hacker Linked to Silk Typhoon Arrested in Milan‎‎ The alleged Chinese state-sponsored hacker faces multiple charges, including wire fraud, aggravated identity theft, and unauthorized access to protected computers.‎‎

DR GLOBAL

South Korean Government Imposes Penalties on SK Telecom for Breach‎ Following a breach at the country's top mobile provider that exposed 27 million records, the South Korean government imposed a small monetary penalty but stiff regulatory requirements.‎

THE EDGE

Unlock Security Operations Success With Data Analysis‎ From data fog to threat clarity: Automating security analytics helps security teams stop fighting phantoms and respond to what matters.‎

DR TECHNOLOGY

AI Trust Score Ranks LLM Security‎ Startup Tumeryk's State of AI Trust finds Google Gemini Pro 2.5 as the most trustworthy, with ChatGPT-4 Mini a close second and DeepSeek and Alibaba Qwen scoring lowest.‎

SPONSORED ARTICLE

Why Encryption Matters in App Security‎‎ Encryption is essential to data security, protecting sensitive information from theft through strong algorithms, key management, and layered defenses.‎‎

Read More →

- Commentary -

Opinions from thought leaders around the cybersecurity industry

4 Critical Steps in Advance of 47-Day SSL/TLS Certificates‎‎ With certificate lifespans set to shrink by 2029, IT teams need to spend the next 100 days planning in order to avoid operational disruptions.‎‎

How Geopolitical Tensions Are Shaping Cyber Warfare‎‎ In today's cyber battlefield, resilience starts with readiness, and the cost of falling short increases by the day.‎‎

More Commentary →

- Upcoming Events -

Wed, August 20, 2025 at 1pm EST Building a Robust Cybersecurity Program: A CISO's Guide

Wed, August 6, 2025 at 1pm EST Securing the AI Agent Ecosystem

| Live Virtual Event | Thursday, July 24th, 2025 | 11:00am - 5:00pm ET | Google Chrome Virtual Event 2025

More Events →

- More Resources -

WHITE PAPER AI for SecOps: Dispelling the Hype and Uncovering Value

WHITE PAPER Introducing AI Trustops: Snyk's readiness framework for building and maturing secure AI development practice

WHITE PAPER Building AI Trust eBook: Securing code in the age of autonomous development

RESEARCH REPORT 2025 State of Cyber Risk Management Report

More Resources →

- Elsewhere in Cyber Today -

TECHTARGET SEARCH SECURITY

Phishing prevention: How to spot, stop and respond to scams

CYBERSECURITY DIVE

Security coalition urges Congress to renew 2015 CISA law

CYBERSECURITY DIVE

Gamers hacked playing Call of Duty: WWII—PC version temporarily taken offline

- Do You Find Today’s Newsletter Helpful? -

Yes Not sure No

You received this message because you are subscribed to Dark Reading's Daily newsletter. If a friend forwarded you this message, sign up here to get it in your inbox. Thoughts about this newsletter? Give us feedback.

Advertise With Us | Privacy Policy | Unsubscribe Copyright © 2025 TechTarget, Inc. or its subsidiaries. All rights reserved. Operated by TechTarget, Inc. and its subsidiaries, 275 Grove Street, Newton, Massachusetts, 02466 US